What You Need to Know About The California Consumer Privacy Act (CCPA)

The California Consumer Privacy Act (CCPA)

In June of 2018, California’s legislature passed the strictest state-level data security regulation in the US. Scheduled to go into effect on January 1, 2020, The California Consumer Privacy Act of 2018 (CCPA) requires certain businesses that maintain personally identifiable information about consumers (both customers and potential customers) who live in California to enable the consumer to see it upon request free of charge, and to disclose to the consumer specifically what it’s used for. Consumers will also have the right to stop a business from sharing their information, or to require it to be deleted entirely.

The regulation will apply to business that meet any one of the following three criteria:

• Gross annual revenue above $25 million
• Acquires in any manner, shares, or sells the personal information of 50,000 or more consumers, households, or devices per year
• Derives more than 50% of annual revenue from selling personal information

Like Europe's General Data Protection Regulation (GDPR), the CCPA will affect many businesses who collect personal information from California residents; allowing Californians to sue businesses if their personal information is compromised in a data breach.

For more information visit the California Department of Justice CCPA. 

“What California’s New Data Privacy Law Means For You” KPBS Feature, Thursday, September 5, 2019.